» visicom_antiphishing.dll
Overview
Analysis
File Details

visicom_antiphishing.dll

Anti-Phishing Domain Advisor

Visicom Media Inc.

This is part of the Visicom VMN web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The module visicom_antiphishing.dll, “Visicom Media Anti-Phishing Domain Advisor (Powered by Panda Security)” by Visicom Media has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

Publisher:

Visicom Media Inc. (Powered by Panda Security) (signed by Visicom Media Inc.)

Product:

Anti-Phishing Domain Advisor

Description:

Visicom Media Anti-Phishing Domain Advisor (Powered by Panda Security)

Version:

1, 0, 0, 128

MD5:

1944044eccaa98bd51347345e6607426

SHA-1:

3e1d0a1585703c1fdfbf20ae5719cd544c1c7208

SHA-256:

74d87d1a8e21af38c1d67cd55c012bd63db2c7898f655527473ec8008ecbad45

Scanner detections:

1 / 68

Status:

Potentially unwanted

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

4/25/2024 6:31:02 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Visicom (M)

17.1.25.10

File size:

374.7 KB (383,656 bytes)

Product version:

1.0

File type:

Dynamic link library (Win32 DLL)

Language:

Language Neutral

Common path:

C:\ProgramData\anti-phishing domain advisor\visicom_antiphishing.dll

Digital Signature

Signed by:

Visicom Media Inc.

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

6/23/2010 6:00:00 PM

Valid to:

6/21/2012 5:59:59 PM

Subject:

CN=Visicom Media Inc., OU=SECURE APPLICATION DEVELOPMENT, O=Visicom Media Inc., L=Brossard, S=Quebec, C=CA

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

73C74D9445094BFD79759F7B9CAFD730

File PE Metadata

Compilation timestamp:

12/8/2010 9:52:25 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

9.0

Entry address:

0x1B7CF

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, B6, 82, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 3B, 0D, 94, 42, 05, 10, 75, 02, F3, C3, E9, 2A, 83, 00, 00, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 94, 42, 05, 10, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 94, 42, 05... 
[+]

Entropy:

6.4923

Code size:

286 KB (292,864 bytes)

Remove visicom_antiphishing.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.